在线切换部门，用户缓存信息未变更 issues/I1X4DT

zhangdaiscott
1 parent 7f6e204c
Showing 5 changed files with 2 additions and 47 deletions
jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/common/constant/CacheConstant.java
jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/cas/controller/CasClientController.java
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java
@@ -8,11 +8,6 @@ package org.jeecg.common.constant;
 public interface CacheConstant {
  
 	/**
-	 * 缓存用户jwt
-	 */
-	public static final String SYS_USERS_CACHE_JWT = "sys:cache:user:jwt";
-
-	/**
 	 * 字典信息缓存
 	 */
     public static final String SYS_DICT_CACHE = "sys:cache:dict";
@@ -114,14 +114,7 @@ public class ShiroRealm extends AuthorizingRealm {
  
         // 查询用户信息
         log.debug("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
-        LoginUser loginUser = (LoginUser) redisUtil.get(CacheConstant.SYS_USERS_CACHE_JWT+":"+token);
-        //TODO 当前写法导致两个小时操作中token过期
-        //如果redis缓存用户信息为空，则通过接口获取用户信息,避免超过两个小时操作中token过期
-        if(loginUser==null){
-            loginUser = commonAPI.getUserByName(username);
-            //密码二次加密，因为存于redis会泄露
-            loginUser.setPassword(SecureUtil.md5(loginUser.getPassword()));
-        }
+        LoginUser loginUser = commonAPI.getUserByName(username);
         if (loginUser == null) {
             throw new AuthenticationException("用户不存在!");
         }
@@ -87,14 +87,6 @@ public class CasClientController {
 	 		redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
 	 		redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME*2 / 1000);
  
-	 		//update-begin-author:taoyan date:20200812 for:登录缓存用户信息
-			LoginUser vo = new LoginUser();
-			BeanUtils.copyProperties(sysUser,vo);
-			vo.setPassword(SecureUtil.md5(sysUser.getPassword()));
-			redisUtil.set(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, vo);
-			redisUtil.expire(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, JwtUtil.EXPIRE_TIME*2 / 1000);
-			//update-end-author:taoyan date:20200812 for:登录缓存用户信息
-
 	 		//获取用户部门信息
 			JSONObject obj = new JSONObject();
 			List<SysDepart> departs = sysDepartService.queryUserDeparts(sysUser.getId());
@@ -356,20 +356,11 @@ public class LoginController {
 		String syspassword = sysUser.getPassword();
 		String username = sysUser.getUsername();
 		// 生成token
-		String token = JwtUtil.sign(username, SecureUtil.md5(syspassword));
+		String token = JwtUtil.sign(username, syspassword);
         // 设置token缓存有效时间
 		redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
 		redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME*2 / 1000);
  
-		//update-begin-author:taoyan date:20200812 for:登录缓存用户信息
-		LoginUser vo = new LoginUser();
-		BeanUtils.copyProperties(sysUser,vo);
-		//密码二次加密，因为存于redis会泄露
-		vo.setPassword(SecureUtil.md5(sysUser.getPassword()));
-		redisUtil.set(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, vo);
-		redisUtil.expire(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, JwtUtil.EXPIRE_TIME*2 / 1000);
-		//update-end-author:taoyan date:20200812 for:登录缓存用户信息
-
 		// 获取用户部门信息
 		JSONObject obj = new JSONObject();
 		List<SysDepart> departs = sysDepartService.queryUserDeparts(sysUser.getId());
@@ -484,14 +475,6 @@ public class LoginController {
 		redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
 		redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME*2 / 1000);
  
-		//update-begin-author:taoyan date:20200812 for:登录缓存用户信息
-		LoginUser vo = new LoginUser();
-		BeanUtils.copyProperties(sysUser,vo);
-		vo.setPassword(SecureUtil.md5(sysUser.getPassword()));
-		redisUtil.set(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, vo);
-		redisUtil.expire(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, JwtUtil.EXPIRE_TIME*2 / 1000);
-		//update-end-author:taoyan date:20200812 for:登录缓存用户信息
-
 		//token 信息
 		obj.put("token", token);
 		result.setResult(obj);
@@ -109,14 +109,6 @@ public class ThirdLoginController {
     		// 设置超时时间
     		redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME / 1000);
  
-			//update-begin-author:taoyan date:20200812 for:登录缓存用户信息
-			LoginUser redisUser = new LoginUser();
-			BeanUtils.copyProperties(user, redisUser);
-			redisUser.setPassword(SecureUtil.md5(user.getPassword()));
-			redisUtil.set(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, redisUser);
-			redisUtil.expire(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, JwtUtil.EXPIRE_TIME*2 / 1000);
-			//update-end-author:taoyan date:20200812 for:登录缓存用户信息
-
     		modelMap.addAttribute("token", token);
 		//update-begin--Author:wangshuai  Date:20200729 for：接口在签名校验失败时返回失败的标识码 issues#1441--------------------
         }else{